Repository logo
 
Profile Picture
Person

Cerdeira Negrão, Miguel

Metadata only
3B1A-36E2-B96B
0000-0002-6540-3164

Filters

2018 - 201912020 - 20253
Reset filters

Settings

Search Results

Now showing 1 - 4 of 4
  • Digital Forensic Artifacts of FIDO2 Passkeys in Windows 11
    Publication . Domingues, Patricio; Frade, Miguel; Negrão, Miguel
    FIDO2’s passkey aims to provide a passwordless authentication solution. It relies on two main protocols – WebAuthn and CTAP2 – for authentication in computer systems, relieving users from the burden of using and managing passwords. FIDO2’s passkey leverages asymmetric cryptography to create a unique public/private key pair for website authentication. While the public key is kept at the website/application, the private key is created and stored on the authentication device designated as the authenticator. The authenticator can be the computer itself – same-device signing –, or another device – cross-device signing –, such as an Android smartphone that connects to the computer through a short-range communication method (NFC, Bluetooth). Authentication is performed by the user unlocking the authenticator device. In this paper, we report on the digital forensic artifacts left on Windows 11 systems by registering and using passkeys to authenticate on websites. We show that digital artifacts are created in Windows Registry and Windows Event Log. These artifacts enable the precise dating and timing of passkey registration, as well as the usage and identification of the websites on which they have been activated and utilized. We also identify digital artifacts created when Android smartphones are registered and used as authenticators in a Windows system. This can prove useful in detecting the existence of smartphones linked to a given individual.
    2024-07-30Conference object Open access Show more
  • Decrypting messages: Extracting digital evidence from signal desktop for windows
    Publication . Paulino, Gonçalo; Negrão, Miguel; Frade, Miguel; Domingues, Patrício
    With growing concerns over the security and privacy of personal conversations, end-to-end encrypted instant messaging applications have become a key focus of forensic research. This study presents a detailed methodology along with an automated Python script for decrypting and analyzing forensic artifacts from Signal Desktop for Windows. The methodology is divided into two phases: i) decryption of locally stored data and ii) analysis and documentation of forensic artifacts. To ensure data integrity, the proposed approach enables retrieval without launching Signal Desktop, preventing potential alterations. Additionally, a reporting module organizes extracted data for forensic investigators, enhancing usability. Our approach is effective in extracting and analyzing encrypted Signal artifacts, providing a reliable method for forensic investigations.
    2025-09Journal article Open access Show more
  • SpeechToText: An open-source software for automatic detection and transcription of voice recordings in digital forensics
    Publication . Negrão, Miguel; Domingues, Patrício
    Voice is the most natural way for humans to communicate with each other, and more recently, to interact with voice controlled digital machines. Although text is predominant in digital platforms, voice and video are becoming increasingly important, with communication applications supporting voice messages and videos. This is relevant for digital forensic examinations, as content held in voice format can hold relevant evidence for the investigation. In this paper, we present the open source SpeechToText software, which resorts to state-of-the art Voice Activity Detection (VAD) and Automatic Speech Recognition (ASR) modules to detect voice content, and then to transcribe it to text. This allows integrating voice content into the regular flow of a digital forensic investigation, with transcribed audio indexed by text search engines. Although SpeechToText can be run independently, it also provides a Jython-based software module for the well-known Autopsy software. The paper also analyzes the availability, storage location and audio format of voice-recorded content in 14 popular Android applications featuring voice recordings. SpeechToText achieves 100% accuracy for detecting voice in unencrypted audio/video files, a word error rate (WER) of 27.2% when transcribing English voice messages by non-native speakers and a WER of 7.80% for the test-clean set of LibriSpeech. It achieves a real time factor of 0.15 for the detection and transcription process in a medium-range laptop, meaning that 1 min of speech is processed in roughly 9 s.
    2021-09Journal article Restricted access Show more
  • NNdef: livecoding digital musical instruments in SuperCollider using functional reactive programming
    Publication . Negrão, Miguel Cerdeira
    The SuperCollider audio synthesis environment allows the definition of Synths, digital instruments which generate sound using a graph of interconnected unit generators. In SuperCollider the definition of a Synth is mostly declarative, on the other hand the logic for controlling parameters of a Synth using musical controllers is usually implemented in a different context using callbacks and explicit state. This paper presents a different approach where functional reactive programming (FRP) is used to define the control logic of the instrument, taking inputs from musical controllers, mobile apps or graphical user interface (GUI) widgets and sending outputs to the audio graph. Both audio and FRP graphs are defined in the same context and compiled simultaneously avoiding a hard division between audio and control logic. An FRP implementation is used in the NNdef class to enable livecoding of both audio and FRP code, with hotswap allowing an interactive workflow. Also included is a system to persist the state in the FRP network in order to save and recall the instrument at a later time.
    2018Conference paper Restricted access Show more